Now let’s think about the damage a serious vulnerability in jQuery or another widely used library could cause.
In such a case the impact would be severe.
1. Snooping The Words You Type
2. Tracking Your Browsing Habits
3. Malicious Code Injection
If this happens on a website that handles sensitive user information, such as financial data, the malicious code could snoop on and steal that information. Taken one step further, XSS can be used to spread viruses and malware, which is what happened when Twitter was infected with the StalkDaily worm.
BeEF is a project which uses browser vulnerabilities to gain control of the target computer system.
Let’s consider a possible scenario. As mentioned in Table I above, jQuery is widely used worldwide (86% in Alexa, 62% in COM). Today, jQuery has 66 different versions, and more than half of these versions have at least one vulnerability. If attackers can add malicious code (e.g. hook.js) to a website using any vulnerability, they can gain full access to the target machines. Considering how widely jQuery is used, this situation may harm millions of people. (These statistics are explained in detail below.)
But how? It is a little complicated, and there are some limitations.
A recently published academic paper covers this topic, and this post draws heavily on it. If you want more detailed information, read the referenced paper.
Figure 1 shows details of the 11 libraries with vulnerability information. For each library, we show the total number of versions in our catalogue as well as the fraction of versions. The worst offender is Angular 1.2.0, which contains 5 vulnerabilities. Overall, we see that 28.3%, 6.7%, and 6.1% of these library versions contain one, two, or three known vulnerabilities, respectively. More than half of the jQuery versions have one vulnerability. (Source of figure: study)
In the referenced study, results show that 36.7% of jQuery inclusions in Alexa are known to be vulnerable when at most one inclusion of a specific library version is counted per site. Angular has 40.1% vulnerable inclusions, Handlebars has 86.6%, and YUI 3 has 87.3% (it is not maintained anymore). (Source: study)
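The counting rule quoted above (at most one inclusion of a specific library version per site) can be reproduced over your own crawl data. The sketch below is an added example, not code from the study or from NormShield; the sample pages, the URL-based version detection and the `VULNERABLE_BELOW` thresholds are constructed placeholders to be replaced with a real advisory catalogue.

```javascript
// Constructed placeholder catalogue: "versions below X are known vulnerable".
// These thresholds are illustrative only; load real ones from an advisory feed.
const VULNERABLE_BELOW = { jquery: "1.9.0", angular: "1.5.0" };

// Constructed sample crawl: site -> HTML.
const SAMPLE_SITES = {
  "a.example": '<script src="/js/jquery-1.8.3.min.js"></script>' +
               '<script src="https://cdn.example/jquery/1.8.3/jquery.min.js"></script>',
  "b.example": '<script src="/static/jquery-3.6.0.js"></script>' +
               '<script src="/static/jquery-1.7.2.js"></script>',
  "c.example": '<script src="/lib/angular.js/1.2.0/angular.min.js"></script>' +
               '<script src="/lib/jquery-ui-1.12.1.js"></script>',
};

const SRC_RE = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;
// Library name directly followed by a version; plugins such as jquery-ui do not match.
const LIB_RE = /\b(jquery|angular)(?:\.js)?[-\/@](\d+\.\d+\.\d+)\b/i;

function versionLess(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i];
  return false;
}

// Distinct (library, version) pairs on one page: the per-site deduplication step.
function inclusions(html) {
  const seen = new Map();
  for (const m of html.matchAll(SRC_RE)) {
    const hit = LIB_RE.exec(m[1]);
    if (!hit) continue;
    const lib = hit[1].toLowerCase();
    seen.set(`${lib}@${hit[2]}`, { lib, version: hit[2] });
  }
  return [...seen.values()];
}

// Per library: inclusions counted, how many are vulnerable, and the percentage.
function vulnerableShare(sites) {
  const stats = {};
  for (const html of Object.values(sites)) {
    for (const { lib, version } of inclusions(html)) {
      const s = stats[lib] || (stats[lib] = { total: 0, vulnerable: 0 });
      s.total++;
      if (versionLess(version, VULNERABLE_BELOW[lib])) s.vulnerable++;
    }
  }
  for (const s of Object.values(stats)) s.percent = +(100 * s.vulnerable / s.total).toFixed(1);
  return stats;
}
```

Inferring the version from the script URL misses bundled or renamed copies, so treat the result as a lower bound on what a site actually loads.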
How does NormShield take precautions to prevent this situation?